Global Retailer Credential Stuffing Case Study

Fraud

Attack Types

Authentication

Account Takeover

Bots

Credential Stuffing

Netacea

May 17, 2021

Case Studies

In early 2018, one of the world’s largest retailers identified they were being frequently targeted by credential stuffing attacks. Using breached username and passwords, threat actors were gaining access to customer accounts to make fraudulent purchases, costing the tune of millions of pounds per month. Attackers can then sell on the validated account via the Dark Web.

The fraudulent activity not only cost the retailer directly, but also put the brand’s reputation at risk. Customers were continually locked out of accounts, asked to verify their legitimacy or required to reset their usernames and passwords following an attack, leaving many users feeling frustrated.

Netacea describes what measures were implemented to prevent credential stuffing to protect the retailer from both volumetric and low and slow credential stuffing attacks, freeing up their SOC team to focus on new and emerging threats.

Some content is hidden, to be able to see it login here Login

Tagged:

Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.

Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.

Submit Your Document

Related Resources

Mar 13, 2028

MRC Vegas 2028 Join MRC Vegas 2028, the leading fraud prevention and payments event, 16-19 March at ARIA Resort & Casino, Las Vegas. Network with industry leaders and explore cutting-edge solutions in the payment processing space.

Mar 15, 2027

MRC Vegas 2027 Join the global payments and fraud prevention community at MRC Vegas 2027, 15-18 March, at ARIA Resort & Casino. Connect with industry leaders and gain insights to combat fraud and drive payment innovation.

Mar 16, 2026

MRC Vegas 2026 Save the Date for MRC Vegas 2026! Join us from 16-19 March 2026 at ARIA Resort & Casino in Las Vegas for the premier payments and fraud prevention conference. Discover cutting-edge insights from industry leaders, engage in expert panels, and network with peers.

May 28, 2025

Sift Presents The ATO Playbook: Actionable Insights from a Former Fraudster and Fraud Manager Explore how ATOs happen and how to prevent them. Get insider tactics from a former fraudster and real-world defense tips from a fraud expert.

Apr 29, 2025

MRC Barcelona 2025 Opening Remarks This opening session will set the stage for an exciting few days of learning, collaboration, and innovation.

Apr 29, 2025

Mastering Multi-Region, Multi-Brand Fraud Prevention Under One Roof: Puig’s Journey In this fireside chat, luxury fashion/beauty company Puig shares their journey navigating fraud challenges using advanced fraud prevention techniques – and the insights that come from successfully managing major brands internationally, under one roof.

Apr 29, 2025

MRC Barcelona 2025 Merchant Issuer Panel Increased collaboration between card issuers and merchants continues to present new opportunities for reducing operational expense associated with fraud and dispute servicing, increasing acceptance, and creating an optimal experience for consumers.

Apr 29, 2025

Navigating Payment Fraud Landscape: Evolving from Single-Product Solution to Multi-Product Approach We will share insights into the development and implementation of our fraud strategies, highlighting key learnings and the challenges faced along the way.

Dec 05, 2023

DataDome - 2023 U.S. Bot Security Report DataDome's new study finds that a staggering 68% of US websites are unprotected against simple bot attacks, highlighting how vulnerable US businesses are to automated online threats. E-commerce sites are particularly exposed.

Aug 11, 2023

2023 UK Bot Security Report 2 in 3 UK Websites Are Unprotected Against Simple Bot Attacks.

Dec 05, 2022

2022 Southeast Asia Digital Commerce Insights While the region’s recovery after a turbulent period is well underway, businesses now find themselves in a more complex environment. How nimble and flexible is your business in adopting new payments to stay on top of market shifts and fraud risks? See how you compare.

May 17, 2022

2022 MRC Global Fraud and Payments Survey This illuminating report, produced by the Merchant Risk Council, Cybersource and Verifi, provides the latest industry fraud trends, fraud management methods, and payment strategies used by merchants globally, along with a robust set of performance benchmarks that can help with the optimization of payments and fraud management and prevention practices.

Apr 23, 2025

All in on Insights: Key Merchant Takeaways From our MRC Focus Group At MRC Las Vegas, top merchants joined Adyen for an interactive roundtable where they candidly discussed what really moves the needle in payments.

Apr 16, 2025

Unmasking Digital Deception With Advanced Bot Detection The digital landscape is under siege by increasingly sophisticated bot attacks and impersonation techniques.

Apr 09, 2025

Leveraging Transaction Data to Reduce Fraud and Shape Business Strategy Discover the transformative power of payment data in enhancing security and building competitive business strategies. This webinar explores how transaction analysis reveals valuable trends like purchasing frequency, preferred payment methods, and regional spending behaviors.

Apr 02, 2025

Unmasking Cross-State Fraud Rings: Advanced Strategies for Fraud Prevention In this in-depth session, GeoComply experts will explore the growing threat of organized fraud rings that operate across state lines, using sophisticated tactics to evade detection. Learn how these criminal enterprises exploit multiple jurisdictions and how advanced technologies, such as geolocation intelligence and machine learning, can help detect and prevent these cross-state fraud activities.

Apr 07, 2025

Use Case Primer: Sift for Card Testing Sift's Payment Protection solution detects and prevents card testing activities by leveraging machine learning models and real-time data analysis. Sift assists businesses by identifying and blocking card testing attempts before they cause harm.

Jan 31, 2025

GeoComply - Geolocation intelligence for financial security - Using digital signatures to proactively detect and block "pig butchering" facilities This whitepaper uncovers how geolocation intelligence can be a game-changer in detecting and blocking the increasingly sophisticated "pig butchering" scams targeting users globally.

Nov 22, 2024

What 19th century economic thinking can teach us about 21st century payments and how ecommerce players ought to respond Accepting local payment methods and choosing methods that meet your business and customers' needs are different. Download the report to implement your local payment methods with data in mind.

Nov 22, 2024

Choosing the right Local Payment Methods - How to select and onboard the Local Payment Methods that will make the biggest difference to your online sales How to select and onboard the right local payment methods to make the biggest difference to your online sales.

View All Resources